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Description 

This invention relates to a method and apparatus for controlling access to a database. 

In database systems it is usual for a number of users to be able to interact with the system and to utilise the 
s database- Such systems are thus called multiuser systems. A problem occurs in such systems, where the database 
contains information or data which is in some way sensitive, that is to say, it should only be available for a certain user 
or a member of a certain class of user. Where this is so, a security policy is implemented to restrict the data available 
to the class of user. 

An example of a database management system which supports multiple users is ORACLE (registered trademark 

10 of Oracle Corporation). ORACLE is a relational database management system. In a relational database, only one type 
of data structure exists and this is the table which is a two dimensional structure of rows and columns of data. A query 
language called Structured Query Language (SQL) may be used to access data in a database in a non-procedural way. 

There are a number of ways in which a security policy has been implemented on database management systems. 
For example, in one method each class of user is provided with its own copy of that part of the data held in the central 

15 database for which it is appropriate for that group to have access to. This method has been called the replication 
method because it results in the data being replicated since at least some of the data will exist in more than one copy. 
Clearly, such a method is very inefficient in terms of memory usage. Further, if one copy of the data is changed in some 
way by, for example, a user of a particular group updating a value, then a number of other copies of that data held by 
other groups will have to be updated. This will be time consuming and the way in which the system is administered 

20 will have to be very precise to ensure that data is maintained in a consistent state if, for example, the system crashes. 

In EP-A-O 398 645 there is described a system for controlling access privileges to an object-oriented database. 
In this system, each user is assigned a user identity and a set of group identities. Each object has an access list which 
provides access permissions. Each access control list has seven user or group identies. 

According to one aspect of the present invention, there is provided a method of controlling access by a user to a 

25 database which comprises a set of data divided into sub-sets of data, said method comprising the steps of: assigning 
a single security tag to each sub-set of data in at least some of said sub-sets of data, assigning a user tag to an identifier 
for each user in a user table, assigning at least one security tag to each user tag in a security table, utilising the user 
table to obtain the user tag for the user, utilising the security table to obtain at least one security tag corresponding to 
the user tag, and permitting the user to access any sub-set of data having said at least one security tag. 

30 With the present invention, it is possible to change the security policy by modification of the value in the security 

table alone without any need to reconfigure the database or to change the user tag associated with the user identifiers. 
A security tag may be a number or a character or other data entry. 

With the method of this invention, a database has to have one copy only of the data which is shared by the users. 
This avoids at least some of the problems associated with the known replication methods. It should be noted that not 

35 all of the database needs to be configured for the sake of security. Some parts may be public and thus open to ail users. 

According to another aspect of this invention, there is provided an apparatus for controlling access by a user to a 
database divided into sub-sets of data, said apparatus comprising means for assigning a single security tag to each 
sub-set of data in at least some of said sub-sets of data, means for assigning a user tag to an identifier for each user 
in a user table, means for assigning at least one security tag to each user tag in a security table, means for utilising 

40 the user table to obtain the user tag for a user, means for utilising the security table to obtain at least one security tag 
corresponding to a user tag, and means for permitting a user to access any sub-set of data having said at least one 
security tag. 

A specific embodiment of the invention will now be described, by way of example only, with reference to the drawing 
in which: 

45 

Figure 1 shows, in schematic block diagram form, hardware of a database system operating in accordance with 
an embodiment of the invention; 

Figure 2 shows a set of database accounts supported by the database system; 
Figure 3 shows a software view of the database system; 
so Figures 4 to 6 show, in schematic form, tables used in the database system; 

Figure 7 is an explanatory diagram of operation of the database system; 
Figure 8 is an explanatory diagram of a mapping operation carried out by the database system; 
Figure 9 is a further explanatory diagram showing steps in the mapping operation; and 

Figure 10 shows in schematic block diagram form the database system being used in a network management 
55 application. 

With reference to figure 1 , a database system 1 comprises a number of elements including a mainframe computer 
2 of well known type such as a DEC Micro Vax connected to a number of user terminals 3, 4 and 5 each of which 
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comprises a microcomputer of well known type such as an IBM PC. The connection is made by means of coaxial cable 
6 of well known type and the communication between the elements of the system 1 is achieved by a well known 
communications protocol such as Transmission Control Protocol/Internet Protocol (TCP/IP). 

The user terminals 3,4 and 5 are nominally identical. Each has a microprocessor 3a, 4a and 5a; memory 3b, 4b 
s and 5b; an input/output device 3c, 4c and 5c; a buffer 3d, 4d and 5d; a visual display unit (VDU) 3e, 4e and 5e, and a 
keyboard 3f, 4f and 5f. 

As will be readily appreciated, the memory 3b, 4b and 5b can be in the form of random access memory, read only 
memory or combinations of the both. The memory may be of solid state form as semiconductor 'chips" or disc (optical 
or magnetic) or a combination of these forms. 

10 Whateverthe form, the memory comprises a number of memory locations. These locations will contain instructions 

for governing the operation of the microprocessor 3a, 4a and 5a with which the particular memory is associated. The 
microprocessor 3a, 4a and 5a accesses the memory to obtain the instructions. A program for governing the operation 
of the terminal is held in the memory as a set of instructions located at a number of the memory locations. The instruc- 
tions will be in the form of a hexadecimal number. 

is The memory is linked to the microprocessor by a databus in a manner well known. The databus also links the 

microprocessor to the other elements of the terminal. The input/output device 3c, 4c and 5c acts as an interface between 
the terminal and the other computers in the system. 

The keyboard and VDU of each terminal interacts with the terminal's microprocessor via the buffer in a well known 
manner. Collectively, they provide an interface between the system and a user wishing to interact with the system. 

20 The main frame computer 2 has a processor 2a, memory 2b, an input/output device 2c, a peripheral buffer 2d and 

associated VDU 2e and keyboard 2f. Thus, it will be seen that the mainframe computer 2 is of the same form as the 
user terminals 3, 4 and 5. The major difference is that the storage capacity of the memory 2b is far greater than that 
of the memory of the user terminals. An administrator of the database system can access the system by utilising the 
keyboard 2f and VDU 2e. 

25 The terminals 3, 4 and 5 and the mainframe computer 2 are interconnected by the coaxial cable 6 which extends 

between the input/output devices 3c, 4c and 5c of the terminals and the input/output device 2c of the mainframe. As 
earlier mentioned a protocol called TCP/IP is used for communication between elements of the system 1. 

The memory 2b contains a database of information. This information can be accessed by the users from their 
terminals. However the extent to which each user is allowed to access the information may vary between users. The 
30 system administrator will have access to all the database. 

The system can be considered as providing a set of database accounts, as depicted in figure 2. The administrator 
will have an administrator account 21 and the users will have user accounts 22, 23 and 24. In this case the users are 
named Brown, Smith and Jones and the accounts are labelled accordingly. 

The memory 2b holds, as well as the database, a program for controlling the processor 2a, in particular, the way 
35 in which the database is accessed by each of the users. Thus, under software control the processor 2a acts as a 
database engine. 

As is shown in figure 3, Smith, Brown and Jones can input requests into the database engine 31 and the engine 
will process the request accessing the database 32 as required. The database engine 31 then outputs a response to 
the querying user. These requests will be carried by transmission over the coaxial cable 6. 
40 The database 32 is subdivided into three parts, each part being an SQL table. The first subdivision is a table 33 

called 'EMPLOY". The second subdivision is a table 34 called "SECURITY" and the third subdivision is a table 35 
called "USER". The database system 1 utilises a programming language called ORACLE SQL (registered trade mark 
of the Oracle Corporation) to set up and utilise the tables. The way in which the tables are initially created will be 
described later. 

45 The "EMPLOY" table 33 comprises information about employees in a company. It comprises a number of datafields 

as shown in figure 4. 

The datafields include a datafield 33a called "EMP NO" which includes the employee reference numbers for the 
employees of a particular company. 

There is a datafield 33b called "NAME" which includes the names of employees of the company held as a string 
50 of thirty characters (CHAR) or less. 

The next datafield is a datafield 33c which is called "POSITION". The "POSITION" datafield 33c contains informa- 
tion about the position of a particular employee in the company, for example, the employee may be a manager, clerk 
or secretary. This information is also stored as a string of ten characters or less. 

The next datafield is datafield 33d and this is called "SAL". This contains information about each employees salary 
55 expressed numerically in seven digits. 

Datafield 33e is called "DEPT" and this includes the name of the department within which the employees work. 
This information is held as a string of ten characters. 

Datafield 33f is called "ROW_TAG". This datafield contains a one character string indicative of a security status 
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of the row of information to which it belongs. This field is of particular significance to the way in which access is allowed 
to particular rows of the •EMPLOY" table 33. 

The "SECURITY" table 34 comprises two datafields, a first datafield 34a called "ROW_TAG" and a second datafield 
34b called "USERJTAG", as shown in figure 5. 

s The "ROW_TAG" datafield 34a will include the same characters as held in the "ROW_TAG" datafield 33f of the 

"EMPLOY" table. This will permit a mapping operation to be explained later in which rows of the "EMPLOY" table are 
selected by selecting these rows having a "ROW_TAG" the same as the "ROW_TAG" of the "SECURITY" table 34. 

The "USER_TAG" datafield 34b holds one character data. The function of this field is to enable the mapping op- 
eration mentioned above and this will be more fully explained later. 

io The "SECURITY" table 34 is thus named because the system security policy is embodied in the table. The 

"ROW_TAG" and "USER_TAG" of this table are termed security tags since the security policy is governed by these 
tags. The security policy may be conveniently modified by modifying this table. This aspect of the system will be more 
fully explained later. 

The "USER" table 35 is shown in figure 6 and comprises a "USERJTAG" field 35a and a "USERJMAME" field 35b. 
is The "USER_TAG" field 35a holds one character data which will include the same characters as those held in the 

"USER_TAG" field 34b of the "SECURITY" table 34. This will permit the aforementioned mapping operation to be 
performed as will be described later. 

The "USER_NAME" field 35b holds the names of users of the system in the form of character strings. 

A flow chart of the system operation is shown in figure 7. A first step in the operation is initialisation, as represented 
20 by box 70. In this step the terminals 3, 4 and 5 are switched on, as is the main computer 2, and readied for use. 

A second step, as represented by box 71, is to create the tables in memory 2b. This is done by the database 
engine 31 using a SQL command CREATE TABLE in the following way 

For the "EMPLOY" table 33 the following command statement is implemented by the database engine 31 :- 



25 



30 



35 



40 



45 



50 



55 



CREATE TABLE EMPLOY 
( 

EMP NUMBER {4) 
NAME CHAR (30), 
POSITION CHAR (10), 
SAL NUMBER (7), 

DEPT CHAR (10), 

ROVVTAG CHAR (1) 

); 

The "SECURITY" table 34 is configured by use of the SQL CREATE TABLE command in the following way. 

CREATE TABLE SECURITY 
(ROWJTAG CHAR (1), 
USER_TAG CHAR (1) 

); 

The "USER" table 35 is configured, by the SQL CREATE COMMAND in the following way 
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CREATE TABLE USER 
{ 

5 USER JTAG CHAR (1), 

USERJMAME CHAR (10) 
); 

10 

I n a next step 72 the tables are populated with data. This is done by the network administrator utilising the database 
engine 31 and the SQL INSERT command in the following way. 

For example to insert a row of data about an employee called Stuart Fitchett into the "EMPLOY" table the following 
command is issued by the administrator. 

15 

INSERT INTO EMPLOY 

VALUES (10, 'Stuart Fitchett 1 , 'CLERK', 1000, 'CS\ 'U'); 

Thus, it is recorded that employee number 10 is called Fitchett, he is a clerk earning £1000 per month in the 
20 customer services department (abbreviated CS) and the security tag required to read this information is 'U\ 

Data is entered into the ■SECURITY" table 34 in a similar way. For example the first seven rows of data may be 
entered in the following manner. 

INSERT INTO SECURITY 
25 VALUES ('U', 'A'); 

INSERT INTO SECURITY 

VALUES ('V,' 'A'); 

INSERT INTO SECURITY 

VALUES ('U,' 'B'); 
30 INSERT INTO SECURITY 

VALUES (W 'B'); 

INSERT INTO SECURITY 

VALUES (W 'C'); 

35 The USER table is completed in a similar manner 

INSERT INTO USER 
VALUES ('A', 'SMITH'); 
INSERT INTO USER 
40 VALUES ('B', 'JONES'); 

INSERT INTO USER 
VALUES ('C\ 'BROWN'); 

The database engine 31 then awaits a request from one of the users for information from the database 32 as 
45 represented by box 73 of figure 7. 

When a request is received it is processed, as represented by box 74. Upon completion of the processing the 
system returns to the await request step 73. 

The completed tables are schematically shown in figure 8. 

The process request step 74 will now be described in more detail with reference to figure 9. It is this processing 
so step that utilises the above mentioned mapping operation that implements the security policy governing the system 1 . 

A first step is for the database engine 31 to identify the user making the request for access to information stored 
in the database 32, as represented by box 90 of figure 9. 

A next step is for the database engine 31 to utilise the "USER_TABLE" 35 to obtain a "USER_TAG" appropriate 
for the identified user, as represented by box 91 . 
ss a further step, as represented by box 92, is for the database engine 31 to utilise the "SECURITY" table 34 to obtain 

a "ROW_TAG" appropriate for the "USER_TAG" identified in step 91 . 

A final step, as represented by box 93, is for the database engine 31 to return from the "EMPLOY" table 33 a row 
or rows of data where a "ROW_TAG" associated with the row matches the "ROWJTAG" identified in the previous step, 
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step 92. 

An example will now be used to illustrate the way in which the database engine 31 processes a request. 
A user having a USER_NAME SMITH has been assigned a USERJAG A and this may be mapped via the "SE- 
CURITY* table 34 to ROW_TAGS U and V. This enables SMITH to gain access to rows of the EMPLOY table 33 which 
s have been assigned ROW_TAGS U or V. Thus SMITH is mapped onto rows ROW1 , ROW2 and ROW3 of table EM- 
PLOY and can view the data of those rows. 

In more detail, suppose SMITH wishes to access all the information that he can from the "EMPLOY* table 33. lb 
do this SMITH sends a SQL SELECT command SELECT * FROM EMPLOY; to the database engine 31 . 

The database engine 31 attributes an argument to this command of SMITH to identify the user and then performs 
io the following mapping operation where USER_NAME is "SMITH". The mapping operation being provided in the pro- 
gramme governing the operation of the database engine 31. 



CREATE VIEW SECURE_EMPLOY AS 
SELECT EMP, 

NAME, 

POSITION, 

20 

SAL, 
DEPT. 

25 

FROM EMPLOY 

WHERE EMPLOY.ROW_TAG IN 

30 . ' 

SELECT SECURITY.ROW_TAG 
FROM SECURITY 

„ WHERE SECURITY. USER_TAG IN 

\ 

SELECT USER.USER_.TAG 
w FROM USER 

WHERE USER.USER_NAME = username 
) 

) 

This returns to the user SMITH the rows of table 'EMPLOY' which have a ROW_TAG 'IT or V that is to say rows 
ROW 1 , ROW 2 and ROW 3 of the table 33. It should be noted that since the SELECT command did not include the 
■ROW_TAG" column of the 'EMPLOY' table 33 this information is not returned to the user and the security policy 
50 governing the data cannot be determined by the user. Thus, the security policy is transparent to the user. 

The system caters for access by BROWN and JONES in a similar way with the user name argument attributed by 
the database engine being BROWN or JONES as appropriate. 

If a change in the security policy is to be implemented, for example, the class of user having a USER_TAG of 'A', 
formerly having access to rows in the EMPLOY table 33 having TAG 'LP or V, is to be restricted to only rows having 
55 TAG 'U', then it is only necessary for the network administrator to amend the SECURITY table 34 by deleting from the 
security tags assigned to user tag A. This could be achieved by using the SQL DELETE FROM table command thus: 

DELETE FROM SECURITY 
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WHERE SECURITY. USE R_TAG = TV 
AND SECU RITY. ROW_TAG = 'V; 

Thus the second row of the ■SECURITY" table 34 as shown in figure 8 is deleted, eliminating that mapping path 
s from user SMITH to the second row of the "EMPLOY" table 6 having TAG" 'V. 

To extend the amount of the EMPLOY table 33 accessible to a class of user having a USER_TAG 'B*, for example, 
to enable rows having a ROVVTAG V or ROVVJAG 'X 1 to be accessed, the SQL command INSERT INTO table is 
used thus: 

10 INSERT INTO SECURITY 

VALUES (V, 'B'); 

INSERT INTO SECURITY SECURITY 
VALUES fX\ 'B'); 

is This will provide the two further mapping paths from the user table to the EMPLOY table as shown in broken outline 

in figure 8. 

In some database security systems it will be desirable to prevent data being updated in the database by some 
classes of users. One way in which this may be achieved is creating a view onto the EMPLOY table 33 which is secure 
in the sense of a check option being provided to prevent a user inserting an entry into a part of the database which he 
20 cannot subsequently delete information from. Insertion of data or updates of data are only allowed if a SQL "WHERE" 
statement is satisfied. For example: 



CREATE VIEW SECURE EMPLOY 2 AS 

25 ~ 

SELECT* 
FROM EMPLOY 

WHERE EMPLOY. ROW TAG IN 

30 ~ 

i 

SELECT SECURITY. ROWJTAG 

FROM SECURITY 

WHERE SECURITY.USERJTAG IN 

( 

SELECT USER.USERJTAG 
FROM USER 

WHERE USER.USER NAME = USERNAME 



45 

) 

) 

50 WITH CHECK OPTION 



In the first described embodiment the database contained information about employees that is to say the database 
was a personnel database. Other types of information could be stored. 
55 Figure 10 shows a system 1 in accordance with the invention, being used in a network manager. In this system 

the database includes information such as configuration management information on a telecommunications network 
1 00 comprising a number of network elements 1 01 to 1 03 and their element managers 1 04 to 1 06. Users of the system 
1 , such as network managers concerned with the operation and control of the network 1 00, can then be provided with 
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access to different parts of the database in the same way as earlier described. 



Claims 

1. A method of controlling access by a user to a database which comprises a set of data divided into sub-sets of 
data, said method comprising the steps of: assigning a single security tag to each sub-set of data in at least some 
of said sub-sets of data, assigning a user tag to an identifier for each user in a user table, assigning at least one 
security tag to each user tag in a security table, utilising the user table to obtain the user tag for the user, utilising 
the security table to obtain at least one security tag corresponding to the user tag, and permitting the user to access 
any sub-set of data having said at least one security tag. 

2. A method of controlling access by a user to a database as claimed in claim 1 , in which the database is a relational 
database having rows of data, each row of data forming a sub-set of data. 

3. An apparatus for controlling access by a user to a database divided into sub-sets of data, said apparatus comprising 
means for assigning a single security tag to each sub-set of data in at least some of said sub-sets of data, means 
for assigning a user tag to an identifier for each user in a user table, means for assigning at least one security tag 
to each user tag in a security table, means for utilising the user table to obtain the user tag for a user, means for 
utilising the security table to obtain at least one security tag corresponding to a user tag, and means for permitting 
a user to access any sub-set of data having said at least one security tag. 

4. An apparatus for controlling access by a user to a database as claimed in claim 3, in which the database is a 
relational database having rows of data, each row of data forming a sub-set of data. 



Patentanspruche 

1 . Verfahren zum Steuem des Zugriffs eines Benutzers auf eine Datenbank, die eine in Datenuntermengen unterteilte 
Datenmenge enthalt, wobei das Verfahren die folgenden Schritte enthalt: Zuweisen eines einzelnen Sicherheits- 
etiketts an jede Datenuntermenge in wenigstens einigen der Datenuntermengen, Zuweisen eines Benutzeretiketts 
an einen Identifizierer f Or jeden Benutzer in einer Benutzertabelle, Zuweisen wenigstens eines Sicherheitsetiketts 
an jedes Benutzeretikett in einer Sicherheitstabelle, Verwenden der Benutzertabelle, urn das Benutzeretikett fur 
den Benutzer zu erhalten, Verwenden der Sicherheitstabelle, urn wenigstens ein dem Benutzeretikett entspre- 
chendes Sicherheitsetikett zu erhalten, und Zulassen, daB der Benutzer auf irgendeine Datenuntermenge, die das 
wenigstens eine Sicherheitsetikett besitzt, zugreifen kann. 

2. Verfahren zum Steuem des Zugriffs eines Benutzers auf eine Datenbank nach Anspruch 1 , bei dem die Datenbank 
eine relationale Datenbank mit Datenzeilen ist, wovon jede eine Datenuntermenge bildet. 

3. Vorrichtung zum Steuern des Zugriffs eines Benutzers auf eine Datenbank, die in Datenuntermengen unterteilt 
ist, wobei die Vorrichtung eine Einrichtung zum Zuweisen eines einzelnen Sicherheitsetiketts an jede Datenunter- 
menge in wenigstens einigen der Datenuntermengen, eine Einrichtung zum Zuweisen eines Benutzeretiketts an 
einen Identifizierer fur jeden Benutzer in einer Benutzertabelle, eine Einrichtung zum Zuweisen wenigstens eines 
Sicherheitsetiketts an jedes Benutzeretikett in einer Sicherheitstabelle, eine Einrichtung zum Verwenden der Be- 
nutzertabelle, urn das Benutzeretikett fur einen Benutzer zu erhalten, eine Einrichtung zum Verwenden der Si- 
cherheitstabelle, urn wenigstens ein Sicherheitsetikett zu erhalten, das einem Benutzeretikett entspricht, sowie 
eine Einrichtung enthalt, die zulaBt, daB ein Benutzer auf irgendeine Datenuntermenge, die das wenigstens eine 
Sicherheitsetikett besitzt, zugreifen kann. 

4. Vorrichtung zum Steuern des Zugriffs eines Benutzers auf eine Datenbank nach Anspruch 3, bei der die Datenbank 
eine relationale Datenbank mit Datenzeilen ist, wovon jede eine Datenuntermenge bildet. 



Revendications 

1 . Precede servant a controler faeces pour les usagers a une base de donnees contenant un ensemble de donn6es 
divis6es en sous-ensembles de donnSes, ledit proc6d6 comprenant les Stapes consistant a : 
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attribuer a chaque sous-ensemble de donnees un label de sOrete unique, au moins en ce qui conceme certains 
de ces sous-ensembles de donnees, 

- attribuer a un signe distinctrf une marque d'usager pour chaque usager faisant partie d'une liste d'usagers, 

- attribuer a chaque marque d'usager au moins un label de sOrete dans une table de sOrete, 
utiliser la liste des usagers pour obtenir la marque d'usager pour I'usager, 

utiliser la table de sOrete pour obtenir au moins un label de sOrete correspondent a la marque d'usager, et 
permettre a I'usager d'acceder a tout sous-ensemble de donnees ayant ledit au moins un label de sOrete. 

Precede servant a contrdler I'acces pour les usagers a une base de donnees sebn la revendication 1 , dans lequel 
la base de donnees est une base de donnees de relation possedant des rangees de donnees, chaque rangee de 
donnees formant un sous-ensemble de donnees. 

Dispositif destine a contrdler I'acces pour les usagers a une base de donnees divisee en sous-ensembles de 
donnees, ledit dispositif comprenant : 

des moyens servant a attribuer a chaque sous-ensemble de donnees un label de sOrete unique, au moins en 
ce qui conceme certains de ces sous-ensembles de donnees, 

- des moyens servant a attribuer a un signe distinctif une marque d'usager pour chaque usager faisant partie 
d'une liste d'usagers, 

des moyens servant a attribuer a chaque marque d'usager au moins un label de sOrete dans une table de 
sOrete, 

des moyens servant a utiliser la liste des usagers pour obtenir la marque d'usager pour I'usager, 

des moyens servant a utiliser la table de suretd pour obtenir au moins un label de sOrete* correspondant a une 

marque d'usager, et 

des moyens servant a permettre a I'usager d'acceder a tout sous-ensemble de donnees ayant ledit au moins 
un label de sOrete. 

Dispositif destine a contrdler I'acces pour les usagers a une base de donnees selon la revendication 3, dans lequel 
la base de donnees est une base de donnees de relation possedant des rangees de donnees, chaque rangee de 
donnees formant un sous-ensemble de donnees. 
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